This Week in Technology

Popup enlarges at the last second so users click on ads instead of ‘Close’ button

When the user moves his mouse to close the popup, CSS code from that page will expand the popup and move the ad in the cursor's path, so any click on the close button will actually land on the ad instead.

How to prevent rootkit-enabled malware Scranos from harming your organization

Scranos cloaks itself as cracked software or apps that pose as legitimate programs, such as ebook readers, video players, drivers, and even security products. Upon execution, a rootkit driver is installed to hide the malware. Scranos then contacts the command and control centers to trigger the download of other components.

Company representative Aliese Polk said the breached employee email accounts contained personal information on fewer than 60,000 people, including about 31,000 patients. The company, based in Plantation, Florida, says it doesn’t know if the personal information was taken, and there’s no indication it was used for fraud or identity theft.

Cybersecurity company Symantec announced it has become a member of the United States’ Department of Defense’s (DOD) Defense Industrial Base (DIB) Cybersecurity (CS) program. The DIB CS program is a voluntary cyber threat information-sharing initiative established by the DOD to enhance and supplement DIB participants’ capabilities to mitigate cyber attacks.

Unfortunately, with confusing and conflicting messages about what AI can and can’t do, it is challenging for industry leaders to distinguish between facts and fiction in the rapidly crowded and noisy ecosystem of enthusiasts, platform vendors, and service providers.

The source code of one of the world's most dangerous malware strains has been uploaded and left available on VirusTotal for two years, and almost nobody has noticed. It was discovered by security researchers from US cyber-security firm FireEye, analyzed for the past two years, and made public today, so other members of the cyber-security community can also benefit from the company's finding.

Now researchers have uncovered evidence that the same hackers who targeted Asus with that sort of supply chain hack earlier this year have also targeted three different videogame developers—this time aiming even higher upstream, corrupting the programming tools relied on by game developers.

Cybercriminals are now using File Cabinet to upload malware to websites and send the links to victims via phishing emails. Victims who click the links — which are displayed with Google URLs — are taken to attackers' websites. There, they are presented with a malicious executable, typically a PDF disguised as a guesthouse or hotel reservation.

Talos researchers said they discovered that DNSpionage added a reconnaissance phase that ensures the payload is being dropped on specific targets rather than indiscriminately downloaded on every machine. This level of attack also returns information about the workstation environment, including platform-specific information, the name of the domain and the local computer, and information concerning the operating system.

Security researchers at Symantec say they’ve seen a recent spike in a new malware, dubbed Beapy, which uses the leaked hacking tools to spread like wildfire across corporate networks to enslave computers into running mining code to generate cryptocurrency.

With CloudGuard Dome9, when a firm transitions to a public cloud, it can be used to visualize and assess the security state of a company, detect misconfigurations, implement the best security practices, and protect the company from data theft and data loss. This system is already used by Amazon Web Services, Microsoft Azure, and Google Cloud Platform.

Organisations need to feed their new analytics applications or test future projects with real data. And to do this, they need data stored in object format to be as rapidly accessible as if it is in production SAN arrays, says Gabriel Ferreira, a technical director at Pure Storage.

The attack, which starts with a malicious attachment disguised as a top secret US document, weaponizes TeamViewer, the popular remote access and desktop sharing software, to gain full control of the infected computer.